Security Compliance Manager
Deloitte.com
Office
Zaventem
Full Time
General Information
Company: Deloitte
Business Unit: Enabling Functions
Primary Location: Zaventem
Industry Focus: Industry Agnostic
Recruiter: Al-Mbaidin, Kais - kalmbaidin@deloitte.com
Description Of The Position
Can’t wait to make an impact on the world? You’re not alone. Join us in driving progress in the working world and beyond.
Your journey with us
The IT Security Compliance officer is responsible for supporting and assisting in the management of the organization's IT compliance program. They work closely with IT teams, security professionals, and other stakeholders to ensure that the organization complies with relevant laws, regulations, industry standards, and internal policies pertaining to information security and data privacy.
Key Responsibilities:
- Compliance Monitoring and Auditing:
  - Assist in conducting regular compliance assessments and audits to identify gaps and vulnerabilities.
  - Maintain and enhance our ISO27001 certification by supporting external & internal audit processes and driving continuous improvements in our security posture. This includes overseeing compliance with internal teams as well as ensuring that our suppliers and partners adhere to stringent information security requirements.
  - Maintain documentation of audit findings, corrective actions, and compliance reports.
- Policy and Procedure Management:
  - Assist in the development, review, and maintenance of IT security policies and procedures.
  - Ensure that policies are communicated to all relevant personnel and that compliance is tracked.
  - Work with teams to align processes with policy requirements.
- Risk Assessment and Mitigation:
  - Conduct risk assessments to identify security risks and vulnerabilities.
  - Collaborate in developing and implementing risk mitigation strategies and action plans.
  - Regularly monitor and report on the progress of risk mitigation efforts.
- Vendor & Client Security Assessments:
  - Support the assessment of third-party vendors' security practices.
  - Manage the completion of client security questionnaires, due diligence requests, and RFP responses, ensuring accurate and timely delivery of compliance-related information.
  - Maintain a record of vendor compliance assessments and findings.
- Documentation Management:
  - Establish and maintain a system for organizing and archiving compliance-related documentation.
  - Ensure that compliance records are up-to-date and readily accessible.
  - Assist in streamlining documentation processes for efficiency.
- Compliance Reporting:
  - Assist in the preparation and submission of compliance reports to regulatory bodies or internal stakeholders.
  - Ensure compliance reporting deadlines are met.
  - Generate compliance dashboards and metrics for management review.
- Continuous Improvement Initiatives:
  - Identify opportunities for process improvements based on audit findings and best practices.
  - Collaborate with teams to implement process enhancements.
  - Monitor and document the impact of process improvements.
Let's talk about you
- Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent experience gained through professional work.
- Several years of experience in information security compliance, risk management, or IT audit, ideally with direct exposure to ISO27001 certification processes and client compliance requirements.
- You have an excellent command of English and Dutch or French, both written and spoken.
- Relevant security certifications are preferred (e.g. CISM, CRISC, CISSP…).
- Proven experience in information security compliance and risk management.
- Strong knowledge of ISO/IEC 27001 and practical experience maintaining certification.
- Good understanding of governance, risk, and compliance (GRC) frameworks.
- Excellent communication and interpersonal skills.
- Ability to work collaboratively with cross-functional teams.
- Experience with GRC tools (e.g. Eramba) is a plus.
Who is Deloitte?
We provide industry-leading audit and assurance, tax and legal, consulting and related services. We are committed to driving innovation across offerings to help our clients address their challenges, while giving our professionals opportunities to learn and grow in this era of transformation.
In Belgium, +5000 dedicated professionals, active in +10 offices, take great pride in bringing multidisciplinary expertise to a wide variety of clients, from national and international companies, small, fast-growing and large organizations to public institutions and governmental authorities.
Why Deloitte?
Be the true you! We foster diversity and inclusion and encourage you to bring your authentic self to work. Explore, question and collaborate while building a career that inspires and energises you.
Never stop growing! Diversity of thought makes us stronger. At Deloitte, we tailor a personalized learning experience, offering you the opportunity to grow at your own pace and achieve maximum impact.
We practice what we preach! As a Purpose-led organisation, at the heart of everything we do is a set of timeless principles and unifying values.
Life looks different for each of us, so we created a varied benefits package that you can tap into:
- My Benefits My Choice, a flexible rewards plan tailored to your lifestyle and priorities
- Sustainable transport options offered by Mobility@Deloitte
- Flexible work arrangements for all and initiatives supported by Parents@Deloitte
- Wellbeing tips and activities powered by Energise@Deloitte
- Topped off with other health benefits and insurance opportunities
Empowering our employees with flexible work arrangements remains essential in today's reality:
- Hybrid workplace: combination of home office and on-site (+10 offices in Belgium or client's premises).
- Part-time employment: all our jobs are open to full-time or part-time work under a 90% or 80% regime.
Join us to make an impact together! Apply now!
October 7, 2025